James Morris jmor...@namei.org wrote:
However, we don't have to include the DSA stuff in the kernel; I can always
discard that patch from the upstream-aimed patchset.
I'd encourage dropping DSA, as there appears to be no legacy justification
for its inclusion.
Okay, done that.
David
On 11/29/2011 03:42 PM, David Howells wrote:
I have provided a couple of subtypes: DSA and RSA. Both types have signature
verification facilities available within the kernel, and both can be used for
module signature verification with any encryption algorithm known by the PGP
parser,
H. Peter Anvin h.peter.an...@intel.com wrote:
Do we really need the complexity of a full OpenPGP parser? Parsers are
notorious security problems.
Actually, I don't have a full PGP parser. I only handle the minimum I need.
It can parse the packet stream, public key packets and signature
On Mon, 5 Dec 2011, David Howells wrote:
However, we don't have to include the DSA stuff in the kernel; I can always
discard that patch from the upstream-aimed patchset.
I'd encourage dropping DSA, as there appears to be no legacy justification
for its inclusion.
- James
--
James Morris
On Tue, Nov 29, 2011 at 11:42:58PM +, David Howells wrote:
Here are a set of patches that create a framework for using cryptographic keys
within the kernel. The patches can also be found at:
Here are a set of patches that create a framework for using cryptographic keys
within the kernel. The patches can also be found at:
http://git.kernel.org/?p=linux/kernel/git/dhowells/linux-modsign.git;a=shortlog;h=refs/heads/devel
The basic crypto key has no requirements as to how the